Bugfixes on logout and kicking

CHANGELOG

@@ -1,3 +1,10 @@
+Version 1.3 - Apr. 4, 2015
+Bugfixes on logout and kicking
+
+Version 1.2 - Apr. 2, 2015
+Include letters when generating captchas not only numbers
+Moved rules to database to make changes more easily in the setup
+
 Version 1.1 - Apr. 2, 2015
 Some simplifications
 Added ignore feature

README

@@ -60,6 +60,7 @@ Then copy the script to your web-server directory and call the script in your br
 	http://(server)/(script-name).php?action=setup
 Now you can create the Superadmin account. With this account you can administer the chat and add new members and set the guest access.
 As soon as you are done with the setup, all necessary database tables will be created and the chat can be used.
+Note: If you updated the script, please visit http://(server)/(script-name).php?action=setup again, to make sure, that any database changes are applied and no errors occure.
 
 TRANSLATING:
 

README.md

@@ -45,6 +45,7 @@ Then copy the script to your web-server directory and call the script in your br
 	http://(server)/(script-name).php?action=setup
 Now you can create the Superadmin account. With this account you can administer the chat and add new members and set the guest access.
 As soon as you are done with the setup, all necessary database tables will be created and the chat can be used.
+Note: If you updated the script, please visit http://(server)/(script-name).php?action=setup again, to make sure, that any database changes are applied and no errors occure.
 
 Translating:
 ------------

chat.php

@@ -55,9 +55,8 @@ if(!isSet($_REQUEST['action'])){
 }elseif($_REQUEST['action']=='post'){
 	check_session();
 	if(isSet($_REQUEST['kick']) && isSet($_REQUEST['sendto']) && valid_nick($_REQUEST['sendto'])){
-		if($U['status']>=5 || ($countmods==0 && $U['status']>=3)){
+		if($U['status']>=5 || ($C['memkick'] && $countmods==0 && $U['status']>=3)){
-			kick_chatter(array($_REQUEST['sendto']), $_REQUEST['message']);
+			if(kick_chatter(array($_REQUEST['sendto']), $_REQUEST['message']) && isSet($_REQUEST['what']) && $_REQUEST['what']=='purge') del_all_messages($_REQUEST['sendto']);
-			if(isSet($_REQUEST['what']) && $_REQUEST['what']=='purge') del_all_messages($_REQUEST['sendto']);
 		}
 	}elseif(isSet($_REQUEST['message']) && isSet($_REQUEST['sendto']) && !preg_match('/^\s*$/',$_REQUEST['message'])){
 		validate_input();
@@ -108,8 +107,7 @@ if(!isSet($_REQUEST['action'])){
 		send_admin();
 	}elseif($_REQUEST['do']=='kick'){
 		if(!isSet($_REQUEST['name'])) send_admin();
-		kick_chatter($_REQUEST['name'], $_REQUEST['kickmessage']);
+		if(kick_chatter($_REQUEST['name'], $_REQUEST['kickmessage']) && isSet($_REQUEST['what']) && $_REQUEST['what']=='purge'){
-		if(isSet($_REQUEST['what']) && $_REQUEST['what']=='purge'){
 			foreach($_REQUEST['name'] as $name){
 				del_all_messages($name);
 			}
@@ -162,6 +160,11 @@ if(!isSet($_REQUEST['action'])){
 		}
 	}elseif($_REQUEST['do']=='messages'){
 		update_messages();
+	}elseif($_REQUEST['do']=='rules'){
+		$_REQUEST['rulestxt']=preg_replace("/\r\n/", '<br>', $_REQUEST['rulestxt']);
+		$_REQUEST['rulestxt']=preg_replace("/\n/", '<br>', $_REQUEST['rulestxt']);
+		$_REQUEST['rulestxt']=preg_replace("/\r/", '<br>', $_REQUEST['rulestxt']);
+		update_setting('rulestxt', $_REQUEST['rulestxt']);
 	}
 	send_setup();
 }elseif($_REQUEST['action']=='init'){
@@ -263,22 +266,22 @@ function send_setup(){
 	echo "<center><h2>$I[setup]</h2><table cellspacing=\"0\">";
 	thr();
 	echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[guestacc]</b></td><td align=\"right\">";
-	echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'guestaccess').hidden('nick', $_REQUEST['nick']).hidden('pass', $_REQUEST['pass'])."<table cellspacing=\"0\">";
+	echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'guestaccess').hidden('nick', $_REQUEST['nick']).hidden('pass', $_REQUEST['pass']).'<table cellspacing="0">';
-	echo "<tr><td align=\"left\">&nbsp;<input type=\"radio\" name=\"set\" id=\"set1\" value=\"1\"";
+	echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set1" value="1"';
-	if($ga==1) echo " checked";
+	if($ga==1) echo ' checked';
 	echo "><label for=\"set1\">&nbsp;$I[guestallow]</label></td><td>&nbsp;</td><tr>";
-	echo "<tr><td align=\"left\">&nbsp;<input type=\"radio\" name=\"set\" id=\"set2\" value=\"2\"";
+	echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set2" value="2"';
-	if($ga==2) echo " checked";
+	if($ga==2) echo ' checked';
 	echo "><label for=\"set2\">&nbsp;$I[guestwait]</label></td><td>&nbsp;</td><tr>";
-	echo "<tr><td align=\"left\">&nbsp;<input type=\"radio\" name=\"set\" id=\"set3\" value=\"3\"";
+	echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set3" value="3"';
-	if($ga==3) echo " checked";
+	if($ga==3) echo ' checked';
 	echo "><label for=\"set3\">&nbsp;$I[adminallow]</label></td><td>&nbsp;</td><tr>";
-	echo "<tr><td align=\"left\">&nbsp;<input type=\"radio\" name=\"set\" id=\"set0\" value=\"0\"";
+	echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set0" value="0"';
-	if($ga==0) echo " checked";
+	if($ga==0) echo ' checked';
-	echo "><label for=\"set0\">&nbsp;$I[guestdisallow]</label></td><td>&nbsp;</td></tr><tr><td>&nbsp;</td><td align=\"right\">".submit($I['change'])."</td></tr></table></form></td></tr></table></td></tr>";
+	echo "><label for=\"set0\">&nbsp;$I[guestdisallow]</label></td><td>&nbsp;</td></tr><tr><td>&nbsp;</td><td align=\"right\">".submit($I['change']).'</td></tr></table></form></td></tr></table></td></tr>';
 	thr();
 	echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[sysmessages]</b></td><td align=\"right\">";
-	echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'messages').hidden('nick', $_REQUEST['nick']).hidden('pass', $_REQUEST['pass'])."<table cellspacing=\"0\">";
+	echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'messages').hidden('nick', $_REQUEST['nick']).hidden('pass', $_REQUEST['pass']).'<table cellspacing="0">';
 	echo "<tr><td>&nbsp;$I[msgenter]</td><td>&nbsp;<input type=\"text\" name=\"msgenter\" value=\"".get_setting('msgenter').'"></td></tr>';
 	echo "<tr><td>&nbsp;$I[msgexit]</td><td>&nbsp;<input type=\"text\" name=\"msgexit\" value=\"".get_setting('msgexit').'"></td></tr>';
 	echo "<tr><td>&nbsp;$I[msgmemreg]</td><td>&nbsp;<input type=\"text\" name=\"msgmemreg\" value=\"".get_setting('msgmemreg').'"></td></tr>';
@@ -289,6 +292,11 @@ function send_setup(){
 	echo "<tr><td>&nbsp;$I[msgclean]</td><td>&nbsp;<input type=\"text\" name=\"msgclean\" value=\"".get_setting('msgclean').'"></td></tr>';
 	echo '<tr><td>&nbsp;</td><td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>';
 	thr();
+	echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[rules]</b></td><td align=\"right\">";
+	echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'rules').hidden('nick', $_REQUEST['nick']).hidden('pass', $_REQUEST['pass']).'<table cellspacing="0">';
+	echo '<tr><td colspan=2><textarea name="rulestxt" rows="4" cols="60">'.htmlspecialchars(get_setting('rulestxt')).'</textarea></td></tr>';
+	echo '<tr><td>&nbsp;</td><td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>';
+	thr();
 	echo "</table><$H[form]>".hidden('action', 'setup').submit($I['logout']).'</form>';
 	print_credits();
 	print_end();
@@ -647,7 +655,7 @@ function send_waiting_room(){
 			echo "</head>$H[begin_body]<center><h2>$I[waitingroom]</h2><p>".sprintf($I['admwaittext'], $U['displayname']).'</p><br><p>'.sprintf($I['waitreload'], $C['defaultrefresh']).'</p><br><br>';
 		}
 		echo "<hr><form action=\"$_SERVER[SCRIPT_NAME]\" method=\"post\">".hidden('action', 'wait').hidden('session', $U['session']).submit($I['reload']).'</form><br>';
-		echo "<h2>$I[rules]</h2><b>$C[rulestxt]</b></center>";
+		echo "<h2>$I[rules]</h2><b>".get_setting('rulestxt').'</b></center>';
 		print_end();
 	}
 }
@@ -708,7 +716,7 @@ function send_post(){
 		}
 	}
 	echo '</select>';
-	if($U['status']>=5 || ($countmods==0 && $U['status']>=3)){
+	if($U['status']>=5 || ($C['memkick'] && $countmods==0 && $U['status']>=3)){
 		echo "<input type=\"checkbox\" name=\"kick\" id=\"kick\" value=\"kick\"><label for=\"kick\">&nbsp;$I[kick]</label>";
 		echo "<input type=\"checkbox\" name=\"what\" id=\"what\" value=\"purge\" checked><label for=\"what\">&nbsp;$I[alsopurge]</label>";
 	}
@@ -729,7 +737,7 @@ function send_post(){
 function send_help(){
 	global $U, $C, $H, $I;
 	print_start();
-	echo "<h2>$I[rules]</h2>$C[rulestxt]<br><br><hr><h2>$I[help]</h2>$I[helpguest]";
+	echo "<h2>$I[rules]</h2>".get_setting('rulestxt')."<br><br><hr><h2>$I[help]</h2>$I[helpguest]";
 	if($C['imgembed'] || $C['vidembed']) echo "<br>$I[helpembed]";
 	if($U['status']>=3){
 		echo "<br>$I[helpmem]<br>";
@@ -892,7 +900,11 @@ function send_login(){
 	print_start();
 	echo "<center><h1>$C[chatname]</h1><$H[form] target=\"_parent\">".hidden('action', 'login');
 	if($C['enablecaptcha']){
-		$code=rand(0, 99999);
+		$length=strlen($C['captchachars']);
+		$code='';
+		for($i=0;$i<5;$i++) {
+			$code .= $C['captchachars'][rand(0, $length-1)];
+		}
 		$randid=rand(0, 99999999);
 		$enc=base64_encode(openssl_encrypt("$code, $randid", 'aes-128-cbc', $C['captchapass'], 0, '1234567890123456'));
 		$stmt=mysqli_prepare($mysqli, 'INSERT INTO `captcha` (`id`, `time`) VALUES (?, \''.time().'\')');
@@ -908,12 +920,16 @@ function send_login(){
 		echo send_captcha($code);
 		echo '</td><td align="right"><input type="text" name="captcha" size="15" autocomplete="off"></td></tr>';
 	}
-	echo "<tr><td colspan=\"2\" align=\"center\">$I[choosecol]<br><select style=\"text-align:center;\" name=\"colour\"><option value=\"\">* $I[randomcol] *</option>";
+	if(get_setting('guestaccess')>0){
-	print_colours();
+		echo "<tr><td colspan=\"2\" align=\"center\">$I[choosecol]<br><select style=\"text-align:center;\" name=\"colour\"><option value=\"\">* $I[randomcol] *</option>";
-	echo '</select></td></tr>';
+		print_colours();
+		echo '</select></td></tr>';
+	}else{
+		echo "<tr><td colspan=\"2\" align=\"center\">$I[noguests]</td></tr>";
+	}
 	$nowchatting=get_nowchatting();
 	echo '<tr><td colspan="2" align="center">'.submit($I['enter'])."</td></tr></table></form>$nowchatting";
-	echo "<h2>$I[rules]</h2><b>$C[rulestxt]</b><br><br><p>$I[changelang]";
+	echo "<h2>$I[rules]</h2><b>".get_setting('rulestxt')."</b><br><br><p>$I[changelang]";
 	foreach($L as $lang=>$name){
 		echo " <a href=\"$_SERVER[SCRIPT_NAME]?lang=$lang\">$name</a>";
 	}
@@ -1150,11 +1166,11 @@ function kick_chatter($names, $mes){
 	}
 	mysqli_stmt_close($stmt);
 	if($C['msgkick']){
-		if($names[0]=='&'){
+		if($lonick!==''){
-			add_system_message(get_setting('msgallkick'));
+			if($names[0]=='&'){
-		}else{
+				add_system_message(get_setting('msgallkick'));
-			$lonick=preg_replace('/\,\s$/','',$lonick);
+			}else{
-			if($lonick!==''){
+				$lonick=preg_replace('/\,\s$/','',$lonick);
 				if($i>1){
 					add_system_message(sprintf(get_setting('msgmultikick'), $lonick));
 				}else{
@@ -1163,6 +1179,8 @@ function kick_chatter($names, $mes){
 			}
 		}
 	}
+	if($lonick!=='') return true;
+	return false;
 }
 
 function logout_chatter($names){
@@ -1181,7 +1199,7 @@ function logout_chatter($names){
 					if($temp['status']==1){
 						mysqli_stmt_bind_param($stmt1, 's', $temp['nickname']);
 						mysqli_stmt_bind_param($stmt2, 's', $temp['nickname']);
-						mysqli_stmt_bind_param($stmt3, 's', $temp['nickname'], $temp['nickname']);
+						mysqli_stmt_bind_param($stmt3, 'ss', $temp['nickname'], $temp['nickname']);
 						mysqli_stmt_execute($stmt1);
 						mysqli_stmt_execute($stmt2);
 						mysqli_stmt_execute($stmt3);
@@ -2003,6 +2021,9 @@ function update_db(){
 			mysqli_query($mysqli, 'ALTER TABLE `ignored` ADD PRIMARY KEY (`id`)');
 			mysqli_query($mysqli, 'ALTER TABLE `ignored` MODIFY `id` int(10) unsigned NOT NULL AUTO_INCREMENT');
 		}
+		if($dbversion<3){
+			mysqli_query($mysqli, 'INSERT INTO `settings` (`setting`, `value`) VALUES (\'rulestxt\', \'1. YOUR_RULS<br>2. YOUR_RULES\')');
+		}
 		update_setting('dbversion', $C['dbversion']);
 		send_update();
 	}
@@ -2079,7 +2100,7 @@ function check_db(){
 	$mysqli=mysqli_connect($C['dbhost'], $C['dbuser'], $C['dbpass'], $C['dbname']);
 	if(mysqli_connect_errno($mysqli)){
 		if($_REQUEST['action']=='setup'){
-			die($I['nosetupdb']);
+			die($I['nodbsetup']);
 		}else{
 			die($I['nodb']);
 		}
@@ -2105,9 +2126,9 @@ function load_lang(){
 function load_config(){
 	global $C;
 	$C=array(
-		'version'	=>'1.1', // Script version
+		'version'	=>'1.3', // Script version
-		'dbversion'	=>2, // Database version
+		'dbversion'	=>3, // Database version
-		'showcredits'	=>true, // Allow showing credits
+		'showcredits'	=>false, // Allow showing credits
 		'colbg'		=>'000000', // Background colour
 		'coltxt'	=>'FFFFFF', // Default text colour
 		'collnk'	=>'0000FF', // Link colour
@@ -2134,6 +2155,7 @@ function load_config(){
 		'dbpass'	=>'YOUR_DB_PASS', // Database password
 		'dbname'	=>'public_chat', // Database
 		'captchapass'	=>'YOUR_PASS', // Password used for captcha encryption
+		'captchachars'	=>'0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', // Characters used for captcha generation
 		'enablecaptcha'	=>true, // Enable captcha? ture/false
 		'dismemcaptcha'	=>false, // Disable captcha for members? ture/false
 		'embed'		=>true, // Default for displaying embedded imgs/vids or turn them into links true/false
@@ -2145,12 +2167,12 @@ function load_config(){
 		'msglogout'	=>false, // Add a message on member logout
 		'msglogin'	=>true, // Add a message on member login
 		'msgkick'	=>true, // Add a message when kicking someone
+		'memkick'	=>true, // Let a member kick guests if no mod is present
 		'sendmail'	=>false, // Send mail on new message - only activate on low traffic chat or your inbox will fill up very fast!
 		'mailsender'	=>'www-data <www-data@localhost>', // Send mail using this e-Mail address
 		'mailreceiver'	=>'Webmaster <webmaster@localhost>', // Send mail to this e-Mail address
 		'redirect'	=>"$_SERVER[SCRIPT_NAME]?action=redirect&url=", // Redirect script default: "$_SERVER[SCRIPT_NAME]?action=redirect&url="
-		'lang'		=>'en', // Default language
+		'lang'		=>'en' // Default language
-		'rulestxt'	=>'1. YOUR_RULS<br>2. YOUR_RULES' // Rules - divide multiple rules by <br> to make them appear in a new line
 	);
 }
 ?>

lang_de.php

@@ -20,7 +20,7 @@
 
 $I=array(
 	'nodb' => 'Keine Verbindung zur Datenbank!',
-	'nodsetupb' => 'Keine Verbindung zur Datenbank, bitte erstelle eine Datenbank und bearbeite das Skript, um die korrekte Datenbank mit angegebenem Benutzernamen und Passwort zu benutzen.',
+	'nodbsetup' => 'Keine Verbindung zur Datenbank, bitte erstelle eine Datenbank und bearbeite das Skript, um die korrekte Datenbank mit angegebenem Benutzernamen und Passwort zu benutzen.',
 	'changelang' => 'Sprache ändern:',
 	'expire' => 'Ungültige/abgelaufene Sitzung',
 	'kicked' => 'Rausgeschmissen!',

lang_en.php

@@ -21,7 +21,7 @@
 //Language: English
 $I=array(
 	'nodb' => 'No Connection to Database!',
-	'nodsetupb' => 'No Connection to Database, please create a database and edit the script to use the correct database with given username and password!',
+	'nodbsetup' => 'No Connection to Database, please create a database and edit the script to use the correct database with given username and password!',
 	'changelang' => 'Change language:',
 	'expire' => 'Invalid/expired session',
 	'kicked' => 'Kicked!',